Baldr Malware

 

 

A new form of information-stealing malware called Baldr, believed to be the work of experienced hackers, is making the rounds in Russian underground forums.

Information stealers such as Baldr have proven popular in rapid-fire attacks and phishing, given their ability to capture information including machine data, browser history, some stored passwords — depending on how and where they are buried — and valuable files.

Baldr is no different. The malware has “high-level functionality” and, the team says, is by no means a script kiddie effort thrown together for quick cash.

Instead, Baldr is able to gather user profile data, including browser information, and to detect the existence of cryptocurrency wallets, VPNs, Telegram, and Jabber. The malware then cycles through the files and folders of key PC locations in order to extract information from important file types.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against the Baldr malware and similar threats. Having proper, up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.

 

CVE-2019-7130

 

 

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical and an important vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: Adobe

How do you protect yourself?

Update Adobe Flash Player to version 32.0.0.171.

 

Anubis Android Trojan

 

 

An Android application that steals PayPal credentials, encrypts files on the device’s external storage, and locks the screen by displaying a black screen was spotted in the Google Play Store by ESET malware researcher Lukas Stefanko.

Behind the app’s malicious behavior is an Anubis Android banking Trojan malware payload, a well-known Trojan designed to steal banking credentials, provide its masters with a RAT backdoor, and send SMS spam among other things.

Once the Anubis banking Trojan is dropped by a malware downloader on a victim’s compromised device, it starts collecting banking info either with the help of an inbuilt keylogger module or by taking screenshots when the user enters credentials into apps, unlike other banking Trojans known to use overlay screens for the same task.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against the Anubis Android Trojan and similar threats. Backing up your data and having proper, up-to-date endpoint security provide a cross-generational blend of threat defense techniques to protect systems from malware.